CVE-2026-29103

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. A Critical Remote Code Execution RCE vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allowing authenticated administrators to execute arbitrary system commands. This vulnerability is a direc...

CVE-2026-29103

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. A Critical Remote Code Execution RCE vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allowing authenticated administrators to execute arbitrary system commands. This vulnerability is a direc...

ViT-EnsembleAttack: Augmenting Ensemble Models for Stronger Adversarial Transferability in Vision Transformers

Ensemble-based attacks have been proven to be effective in enhancing adversarial transferability by aggregating the outputs of models with various architectures. However, existing research primarily focuses on refining ensemble weights or optimizing the ensemble path, overlooking the exploration ...

Constrained Network Adversarial Attacks: Validity, Robustness, and Transferability

While machine learning has significantly advanced Network Intrusion Detection Systems NIDS, particularly within IoT environments where devices generate large volumes of data and are increasingly susceptible to cyber threats, these models remain vulnerable to adversarial attacks. Our research...

CVE-2024-49774

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. SuiteCRM relies on the blacklist of functions/methods to prevent installation of malicious MLPs. But this checks can be bypassed with some syntax constructions. SuiteCRM uses tokengetall to par...

Malicious code in mlp-data-product-producer (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in mlp-friendship-map-mapping (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76abb07078c4e50437fae33f4f845fad2aa8532a9503d2c5ea91f4bf6f9a5bb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-604 Malicious code in mlp-friendship-map-mapping (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76abb07078c4e50437fae33f4f845fad2aa8532a9503d2c5ea91f4bf6f9a5bb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

mlp-psychologue.fr Cross Site Scripting vulnerability OBB-1332804

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

PonyOS 0.4.99-mlp - Multiple Vulnerabilities

Advisory: PonyOS Security Issues John Cartwright Introduction ------------ Like countless others, I was pretty excited about PonyOS yesterday April 1st 2013 and decided to give it a go. After wasting a lot of time nyan'ing, I knew this was the future of desktop OSes. However, I wondered how secur...

PonyOS 0.4.99-mlp Privilege Escalation Vulnerability

PonyOS version 0.499-mlp suffers from privilege escalation due to the cat binary being executed with escalated privileges and file permissions do not work. It also has a kernel compromise vulnerability. PonyOS 0.4.99-mlp Privilege Escalation Vulnerability John Cartwright Introduction ------------...